Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/_oreZyFVo2jWbHq275iTESw299g.roa
File: _oreZyFVo2jWbHq275iTESw299g.roa (raw, json)
Hash identifier: /1GTiop7lCMUo23yTI0jzZ33QWw2mRV58SmHDqIUw7o=
Subject key identifier: FE:8A:DE:67:21:55:A3:68:D6:6C:7A:B6:EF:98:93:11:2C:36:F7:D8
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 0194266BF56678102CDFA0F6AFC535592458
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/_oreZyFVo2jWbHq275iTESw299g.roa
Signing time: Thu 02 Jan 2025 09:49:56 +0000
ROA not before: Thu 02 Jan 2025 09:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34686
IP address blocks: 80.254.231.0/24 maxlen: 24
91.216.32.0/24 maxlen: 24
2001:67c:1084::/48 maxlen: 48
2a13:5240::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 26 Feb 2025 10:03:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f5:66:78:10:2c:df:a0:f6:af:c5:35:59:24:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Jan 2 09:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe8ade672155a368d66c7ab6ef9893112c36f7d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:48:2d:86:ab:58:05:7e:07:47:60:2a:f6:6a:
56:f3:10:59:7d:5e:74:7c:b7:18:91:4c:18:1f:18:
8d:f7:77:23:7f:3b:75:97:c5:05:6a:d9:8b:93:ec:
21:f5:bc:f3:c9:7f:67:0d:8d:03:4b:1f:c5:da:d8:
3e:7a:7d:86:cd:4e:85:dc:7f:46:b9:61:5b:9e:08:
00:6c:b5:3f:e8:1d:a5:03:dd:2c:a4:02:d1:43:ca:
3f:47:1e:29:62:db:65:f1:a0:a1:c8:02:ac:d9:97:
36:a8:88:07:af:7c:21:0f:18:b7:34:1d:f6:df:8a:
d1:5c:37:03:58:da:39:5c:19:fc:a5:d9:d7:5b:70:
fb:8a:6b:45:f0:d5:f8:c9:f8:d0:a8:e5:3a:0a:5d:
4c:8c:cd:6e:4e:b4:3e:40:bb:a0:96:38:ad:83:5d:
71:1d:20:2d:40:3c:0a:1f:66:af:d7:68:01:0e:a3:
6a:3f:5b:e7:dc:bb:26:6c:29:5f:6e:c7:bf:ea:38:
14:84:af:f8:5f:81:0f:59:77:39:7f:c7:f2:dc:9e:
57:0b:29:19:68:83:c9:3f:bf:82:ef:57:aa:87:9b:
91:ff:d4:10:6f:20:ff:80:b4:9a:24:9f:be:78:a5:
5f:64:e9:b4:42:34:c5:b7:73:ae:a6:c0:13:71:fa:
40:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:8A:DE:67:21:55:A3:68:D6:6C:7A:B6:EF:98:93:11:2C:36:F7:D8
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/_oreZyFVo2jWbHq275iTESw299g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.231.0/24
91.216.32.0/24
IPv6:
2001:67c:1084::/48
2a13:5240::/32
Signature Algorithm: sha256WithRSAEncryption
18:d5:96:89:d8:d5:41:ca:de:c4:0f:33:a7:bb:da:71:5d:8f:
67:a1:d9:d4:05:e6:ad:dc:ec:95:2a:71:a1:9c:58:d4:8c:4e:
26:a6:e9:0c:97:bd:3d:0e:8d:a1:bd:be:58:ad:d4:6e:f0:9c:
a1:69:91:01:95:2c:c4:80:d5:b8:f1:7d:ed:a1:81:ca:02:35:
74:e1:71:99:4e:b0:0f:50:ea:dd:8e:91:ca:cb:b6:3a:9c:e3:
eb:3f:13:29:8b:cb:7e:bd:ab:c1:bc:f6:48:99:c9:9d:68:32:
f0:ed:2d:31:78:d8:3c:5e:22:73:d2:7d:2a:29:01:3f:5d:ec:
27:13:f6:77:df:6b:f6:94:5a:59:c8:ec:7d:7f:c6:f2:cc:cb:
59:4d:7f:ca:0f:c2:3e:91:ce:30:4a:d0:a7:88:83:02:e1:c9:
db:d0:ba:e4:a8:50:92:fc:0b:50:6b:36:6c:35:9b:73:d4:b9:
ba:20:41:e6:b0:24:71:03:69:e5:16:37:e5:87:12:60:66:01:
4a:72:b6:69:b9:4f:29:32:46:c4:97:d1:ac:d4:6b:4c:80:38:
ab:c1:17:b2:3f:fa:e6:26:7e:04:62:cb:d7:48:1b:55:0a:1b:
1c:73:1c:87:f6:43:fe:64:de:33:cd:24:f1:91:fd:6b:97:74:
06:e2:c9:87
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQma/VmeBAs36D2r8U1WSRYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjUwMTAyMDk0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZThhZGU2NzIxNTVhMzY4ZDY2YzdhYjZlZjk4OTMxMTJjMzZmN2Q4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyUgthqtYBX4HR2Aq9mpW8xBZfV50
fLcYkUwYHxiN93cjfzt1l8UFatmLk+wh9bzzyX9nDY0DSx/F2tg+en2GzU6F3H9G
uWFbnggAbLU/6B2lA90spALRQ8o/Rx4pYttl8aChyAKs2Zc2qIgHr3whDxi3NB32
34rRXDcDWNo5XBn8pdnXW3D7imtF8NX4yfjQqOU6Cl1MjM1uTrQ+QLugljitg11x
HSAtQDwKH2av12gBDqNqP1vn3LsmbClfbse/6jgUhK/4X4EPWXc5f8fy3J5XCykZ
aIPJP7+C71eqh5uR/9QQbyD/gLSaJJ++eKVfZOm0QjTFt3OupsATcfpAxwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP6K3mchVaNo1mx6tu+YkxEsNvfYMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvX29yZVp5RlZvMmpXYkhxMjc1aVRFU3cyOTlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAUP7nAwQA
W9ggMBYEAgACMBADBwAgAQZ8EIQDBQAqE1JAMA0GCSqGSIb3DQEBCwUAA4IBAQAY
1ZaJ2NVByt7EDzOnu9pxXY9nodnUBeat3OyVKnGhnFjUjE4mpukMl709Do2hvb5Y
rdRu8JyhaZEBlSzEgNW48X3toYHKAjV04XGZTrAPUOrdjpHKy7Y6nOPrPxMpi8t+
vavBvPZImcmdaDLw7S0xeNg8XiJz0n0qKQE/XewnE/Z332v2lFpZyOx9f8byzMtZ
TX/KD8I+kc4wStCniIMC4cnb0LrkqFCS/AtQazZsNZtz1Lm6IEHmsCRxA2nlFjfl
hxJgZgFKcrZpuU8pMkbEl9Gs1GtMgDirwReyP/rmJn4EYsvXSBtVChsccxyH9kP+
ZN4zzSTxkf1rl3QG4smH
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:23:42 2025 by rpki-client